Android volley keep user logged in with cookies

Question

Straight to the point, I've created a simple login with Google's volley. Once the user is logged, I need to keep track of the cookies in order to let him doing some actions. I set up cookies with this function:

    private boolean setUpCookies(){

    boolean ris;

    cookieManager = new CookieManager(new PersistentCookieStore(getApplicationContext()), CookiePolicy.ACCEPT_ALL);
    CookieHandler.setDefault(cookieManager);

    SharedPreferences preferences = getSharedPreferences(PersistentCookieStore.class.getName(), MODE_PRIVATE);
    String session_cookie = preferences.getString("session_cookie",null);

    if(session_cookie != null && !session_cookie.isEmpty()){

        Log.d(TAG,session_cookie);
        ris = true;

    }else{

        ris = false;
    }

    return ris;

}

Where PersistentCookieStore is this: source

Then in my volley onResponse I have this:

        @Override
        public void onResponse(String response) {
            JsonParser parser = new JsonParser();
            JsonElement element = parser.parse(response);

            if (element.isJsonArray()) {
                try{

                    JsonArray array = element.getAsJsonArray();
                    JsonObject tmp = array.get(0).getAsJsonObject();

                    if(setUpCookies()){

                        Toast.makeText(getApplicationContext(), "Login OK", Toast.LENGTH_LONG).show();

                        Intent myIntent = new Intent(MainActivity.this, PostLogin.class);
                        startActivity(myIntent);

                    }else{

                        Toast.makeText(getApplicationContext(), "Could not set up cookies!", Toast.LENGTH_LONG).show();
                    }


                }catch (Exception e){
                    VolleyLog.d(e.getMessage());
                }

            } else if (element.isJsonObject()) {

                JsonObject object = element.getAsJsonObject();
                Toast.makeText(getApplicationContext(), "Error! " + object.get("error").getAsString(), Toast.LENGTH_LONG).show();

            }
            showProgress(false);
        }

Since I can not edit the server php pages, I wonder if I'm doing this correctly, because if I launch the app in the emulator, then I login and get the OK response, then throught Android Device Monitor I delete that preference I'm still able to do stuffs even if the cookies aren't set! Hope I could explain myself.

Answer 1

by :

cookieManager = new CookieManager(new PersistentCookieStore(getApplicationContext()), CookiePolicy.ACCEPT_ALL);
CookieHandler.setDefault(cookieManager);

you initialize the cookieStore and this is the only time the prefs are read. Every call will use the in-memory cookies and thus the session will be kept. If you delete the prefs and want to apply the changes you can either:

• force stop and start the app again
• re-initialize and set the PersistentCookieStore

you can also just use public boolean remove(URI uri, HttpCookie cookie) or public boolean removeAll() which will remove the in-memory cookies but keep the session one in the prefs as this implementation(PersistentCookieStore) does not sync on remove